plugin-creator
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill acts as a scaffolding tool for creating plugin structures, which is a standard developer productivity use case.
- [SAFE]: Input validation is enforced for plugin names to prevent naming collisions and ensure consistency with the platform's requirements.
- [SAFE]: References to shell command execution (e.g.,
chmod +x) and package management (e.g.,npm install) are provided as templates or examples for the user's generated plugin, rather than being executed by the skill itself in a hidden or malicious manner. - [SAFE]: The skill explicitly documents security constraints, such as the fact that plugin-shipped agents are restricted from using hooks or MCP servers to prevent privilege escalation within the platform.
Audit Metadata